I'm interested in receive changes notifications form google drive api.
In order to receive notifications you have to make an http request with the addess where notifications have to be received:
Example:
POST https://www.googleapis.com/drive/v3/changes/watch
Authorization: Bearer auth_token_for_current_user
Content-Type: application/json
{
"id": "4ba78bf0-6a47-11e2-bcfd-0800200c9a77", // Your channel ID.
"type": "web_hook",
"address": "https://somedomain.com/notifications", // Your receiving URL.
...
"token": "target=myApp-myChangesChannelDest", // (Optional) Your channel token.
"expiration": 1426325213000 // (Optional) Your requested channel expiration time.
}
As you can see, I'm setting that google sends push notifications at "https://somedomain.com/notifications".
Nevertheless, I'm on a local/development behavior environment and I would need to receive notifications on my local ip.
Is there any alternative.
You could use something like ngrok, or localtunnel. To install them just follow their links.
They allow you to expose your localhost to the world for testing.
Ngrok example: ngrok http <local-server-port>
Localtunnel example: lt --port <local-server-port>
You could use localtunnel and set up a subdomain that is stable to your development and use it to verify the domain in google verification.
There is a command that sets your subdomain statically
lt --port 8000 --subdomain {subdomain name here}
and then I verified the domain in Google through downloading a verification file (More on this during verification).
You should not get a domain and use it during development just to verify with google or any other service. It will only increase complexity
Related
I've changed my approach and turned to what worked earlier. I configured an API gateway to call the Google Cloud Functions and it called them with the appropriate permissions when I passed in an api key. I think it's erroring when trying to call the workflow because I didn't specify a resource. Not sure exactly though... It looks like the API key is working, but the OAuth is failing. My OAuth is configured with a fresh connection since I've made the workflow. It's authenticated on my end, I clicked my account in google and everything. I'm 99.99% sure the OAuth is configured correctly. When I called the GCP function with the API Gateway, I didn't have to use OAuth.
Is OAuth a requirement for the Workflows API? Are there any work arounds?
How to specify the params for the Workflow in the API Gateway config?
Named Credential:
Label GoogleCloudFunction
Name GoogleCloudFunction
URL https://workflowexecutions.googleapis.com
Hide Section - AuthenticationAuthentication
Certificate
Identity Type Named Principal
Authentication Protocol OAuth 2.0
Authentication Provider GoogleCloudAuth
Scope https://www.googleapis.com/auth/cloud-platform
Authentication Status Authenticated
Log from API Gateway:
httpRequest: {
latency: "0.039s"
protocol: "http"
requestMethod: "POST"
requestSize: "1269"
requestUrl: "/create-site-tracker-site?key=HIDDEN"
responseSize: "743"
status: 401
}
insertId: "48330ec2-7114-4270-b465-68ae6308bdc34850908905639612439#a1"
jsonPayload: {
api_key: "HIDDEN"
api_key_state: "VERIFIED"
api_version: "1.0.0"
http_status_code: 401
location: "us-central1"
log_message: "1.create_site_tracker_site_0s5865srg8pbr_apigateway_quick_hangout_329722_cloud_goog.CreateSiteFunction is called"
response_code_detail: "via_upstream"
}
API Config
# openapi2-functions.yaml
swagger: '2.0'
info:
title: create-site-tracker-site with auth
description: Create Site in Site Tracker using JSForce
version: 1.0.0
schemes:
- https
produces:
- application/json
paths:
/create-site-tracker-site:
post:
summary: Create Site
operationId: createSiteFunction
x-google-backend:
address: https://workflowexecutions.googleapis.com/v1/projects/us-central1-quick-hangout-329722/locations/us-central1/workflows/create-site-and-project/executions
security:
- api_key: []
responses:
'200':
description: A successful response
schema:
type: string
securityDefinitions:
# This section configures basic authentication with an API key.
api_key:
type: "apiKey"
name: "key"
in: "query"
Your HTTP request appears to include no "Authorization" header. Without this it is unlikely that you're call will succeed unless your Cloud Functions permit unauthenticated calls.
It's difficult to understand what you're doing because e.g. "works when I test it manually" is imprecise and provides little information about what you did. I assume (!?) you're using gcloud functions call which authenticates for you.
Please add more detail to your question include the commands that you tried and those that succeed and fail and include error messages.
The majority of Google's services are exposed as REST APIs and so you can invoke almost everything using simple HTTP commands.
Current work around is calling the workflow from a google cloud function, and then calling the function via API Gateway and passing a key. Gross but it works
I´m using dialogflow with http request on a project that works in twilio, with the recent need of migration to v2 API of dialogflow the client access token will not work. Reading the new authentication, I generated the json following the instructions in the google cloud docs, but can´t make it works. Because I need to do all the interaction through POST requests to the dialogflow agent, does anyone know how I can generate the authentication token well?
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED"
}
}
Thanks
This is the function code that today works to make the http request. The problem is that all the services are in Twilio and i dont have access to the server, for that I cant define the environment variable.
Twilio Function code
Twilio Fuctions uses NodeJs and allow me to install many npm modules, with the following limitation: "Native Packages Not Supported - Functions does not provide a C/C++ compliler required to complie native addon modules. This means modules that depend on node-gyp can not be installed to Functions."
I don´t know if this limitations affect service acount working to me in this case.
I'm on google cloud compute engine with a go webserver (no apache or nginx). I want to forward all http requests to https. My go code has ListenAndServe on port 8080 and the binary runs on port 3000 as https. This was accomplished using below.
gcloud compute forwarding-rules create pgurus --global --address
xxx.xxx.xxx.xxxx --ip-protocol TCP --ports=3000 --target-http-proxy
TARGET_HTTP_PROXY
Thanks in advance!
You can send back a 301 response when you receive an HTTP request. Google Cloud load balancer will set the X-Forwarded-Proto HTTP header with either the value HTTP or HTTPS. See this answer for details:
https://serverfault.com/a/735223
The HTTP response status code 301 Moved Permanently is used for
permanent URL redirection, meaning current links or records using the
URL that the response is received for should be updated. The new URL
should be provided in the Location field included with the response.
I am using The Chrome App for Postman and I am setting up my Access Tokens using OAUTH2. When I fill out the form, I am using the following:
Auth Url: https://[MY_API_URL]/api/authorize
Access Token URL: https://[MY_API_URL]/api/request/token
Client ID: xxxxxxxxxxx
Client Secret: xxxxxxxxxx
Scope: blank
Grant Type: Authorization Code
The callback url in my outh server is set to "https://www.getpostman.com/oauth2/callback"
When I click Request Token, I am taken to the proper Authentication page. When I submit my credentials, a new Chrome tab opens up with a blank page with the url https://app.getpostman.com/oauth2/callback?code=xxxxxxxxxx
I expect that this is supposed to redirect to the app so it can perform the access token request. from the access token url, but nothing is happening. Is this not the right callback uri?
This is an old question and things have changed since.
Google deprecated Chrome Apps, so Postman had to deprecate their old Chrome App client too, and so the old redirection URL (https://www.postman.com/oauth2/callback) no longer works.
According to this, with the more recent versions of Postman, the new redirection URL is https://oauth.pstmn.io/v1/callback.
You have change your permission type. Use Client Credentials instead of Authorization
I also faced same problem.
Just change Grant Type: Authorization Code to Grant Type: Client Credentials.
It worked for me.
Certainly as mentioned in other comments, for client_credentials it would work but for the Implicit or Authorization Code, I used "https://app.getpostman.com/oauth2/callback" as the callback url and it worked. Also it need to be configured in the application settings in oauth provider.
I've been using this callback url:
https://getpostman.com/oauth2/callbackurl
I want to use Oauth2 and Spring-security with rest web service. I am new for this, i am trying to create configuration with the help of some websites. Still, i clearly not understand how and what is the flow for oauth authenticate for rest service. i am using latest dependencies Click on the link for see my configurations. I am using database for store clients information and tokens. when i trying to access the token, using follwoing url with post request and post body:
http://localhost:8080/empirecl-api/oauth/token
grant_type=password&username=a#a.com&password=password&client_id=my-client-with-secret&client_secret=ak_secret
The basic authentication pop-up box will appear. I am using chrome rest postman client. I have user table in my database where i store, username and password, when i enter those username and password, the authentication fail, If i use i my client_id and client_secret as a username and password, the authentication is fail. When i cancel the pop of basic authentication following json is return:
{
"error": "unauthorized",
"error_description": "No client with requested id: a#a.com"
}
I am unable to figure out what will happen.
When i trying to access following url with get reqquest:
http://localhost:8080/empirecl-api/oauth/authorize?grant_type=password&username=a#a.com&password=password
The following error will return:
{
"error": {
"error": "invalid_client",
"error_description": "Bad client credentials"
}
}
When i check the error in console, of eclipse, the follwoing error is display:
AuthorizationEndpoint:436 - Handling ClientRegistrationException error: No client with requested id: null
How i resolve this problem and how to use Oauth with my rest api. I also want to secure my all rest url with Oauth.
There are a couple of things wrong here.
You are using the wrong endpoint - the request should be to the token endpoint, not the authorization endpoint.
It should be a POST request - you shouldn't be passing the parameters in the URL
You are confusing when the user has to authenticate and when the client does - the server was looking for Basic credentials from the client but you were entering the username.
See the oauth2 spec section on using the resource owner password grant.
The client needs to authenticate and, as porterhead points out, you can do this using Basic authentication. The spec does also allow passing of the client id and secret as post parameters, but prefers Basic authentication.
You should probably make sure you understand a bit more about how OAuth2 works, and perhaps expand your question to explain why you want to use it and why you've chosen this particular grant type.
You need to pass your client username and password as a Base64 encoded Authorization header.
Try using curl. Here is an example:
curl -v -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Basic MzUzYjMwMmM0NDU3NGY1NjUwNDU2ODdlNTM0ZTdkNmE6Mjg2OTI0Njk3ZTYxNWE2NzJhNjQ2YTQ5MzU0NTY0NmM=" \
'http://localhost:8080/empirecl-api/oauth/token?grant_type=password&username=a#a.com&password=password'
I have a working example described here